
Trojan-Downloader:W32/Fakerean.gen!A


First posted on 28 September 2009.
Source: SecurityHome

Aliases :

There are no other names known for Trojan-Downloader:W32/Fakerean.gen!A.

Explanation :

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Additional Details

Trojan-Downloader:W32/Fakerean.gen!A is a Generic Detection for malware that downloads and installs rogue antivirus programs onto the computer.

Once installed, the rogue antivirus program will display misleading or downright false warnings and/or scanning results, pressuring users into paying to "activate" the program, in order to remove/disinfect the supposed "threats". Even if the user pays for the "activation", the program may not function as intended.

Installation

During installation, the malware creates the following file:

  • %windir%\ieocx.dll

Where %windir% represents the Windows Directory.

The following modules are then loaded into other processes:

  • %windir%\ieocx.dll - Loaded into %windir%\system32\regsvr32.exe (PID: 1760)
  • %windir%\ieocx.dll - Loaded into %programfiles%\Internet Explorer\IEXPLORE.EXE (PID: 1120)

Last update 28 September 2009

 
